BARE BONES installation of free avast! 2014.9.0.2021 with File System Shield (only). All "extras" are not installed or disabled. It wanted server status which I blocked via ZA. I also killed AvastEmUpdate.exe by renaming it in Safe Mode. Windows XP Home SP3, ZoneAlarm 6.1.744.001, Firefox & IE8, Outlook Express, Thunderbird.

Thanks for the links. The first time I tried the zscaler.com link, it said forum.piriform.com is OK. The second time is said it is malicious. The securi.net link reports it as malicious.

forum.piriform.com is an old established forum. I don't go there frequently so don't know how long this problem has existed. Of course they could be infected but I doubt it. I suspect it's just a bug in their code. I tried to email their webmaster but it was returned as undeliverable.

« Last Edit: November 02, 2012, 08:28:55 AM by JohnnyBob »

Logged

BARE BONES installation of free avast! 2014.9.0.2021 with File System Shield (only). All "extras" are not installed or disabled. It wanted server status which I blocked via ZA. I also killed AvastEmUpdate.exe by renaming it in Safe Mode. Windows XP Home SP3, ZoneAlarm 6.1.744.001, Firefox & IE8, Outlook Express, Thunderbird.

BARE BONES installation of free avast! 2014.9.0.2021 with File System Shield (only). All "extras" are not installed or disabled. It wanted server status which I blocked via ZA. I also killed AvastEmUpdate.exe by renaming it in Safe Mode. Windows XP Home SP3, ZoneAlarm 6.1.744.001, Firefox & IE8, Outlook Express, Thunderbird.

noting is 100% secure......and the more people that visit a site, the more interesting it is for thew bad guys to infect as they fish in the pond that have most fish.....bigger chanse that somone take the bait

I'm not getting the avast block anymore (are you?), justFatal error: require_once() [function.require]: Failed opening required './initdata.php' (include_path='.:/usr/local/php53/pear') in /home/ccleaner/public_html/index.php on line 41So I think this is a case of a buggy website, not a virus. They've cut themselves off from the outer world by making their registration private and not providing a working email address to contact them. So they may still be unaware.

Logged

BARE BONES installation of free avast! 2014.9.0.2021 with File System Shield (only). All "extras" are not installed or disabled. It wanted server status which I blocked via ZA. I also killed AvastEmUpdate.exe by renaming it in Safe Mode. Windows XP Home SP3, ZoneAlarm 6.1.744.001, Firefox & IE8, Outlook Express, Thunderbird.

I can't. Apparently nobody can because of the website coding bug. It's not working. I doubt that it is a virus.

Logged

BARE BONES installation of free avast! 2014.9.0.2021 with File System Shield (only). All "extras" are not installed or disabled. It wanted server status which I blocked via ZA. I also killed AvastEmUpdate.exe by renaming it in Safe Mode. Windows XP Home SP3, ZoneAlarm 6.1.744.001, Firefox & IE8, Outlook Express, Thunderbird.

"Piriform is a privately owned software house based in the West End of London, UK"

Though server appears to be in Texas.

When this is in relation to an iframe, I get even more suspicious as it reeks of iframe injection. Look further and you will find that the 46.166.147.133 IP address is on the avast malicious sites list and WOT doesn't like it either. I'm sure if you do any further analysis on the 46.166.147.133 IP you will no doubt find more, so it looks like an iframe injection attack on piriform.